Cover Image

Buffer overflow attack mitigation via Trusted Platform Module (TPM)

As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions...

Full description

Saved in:
Bibliographic Details
Main Authors: Teh, Jia Yew, Samsudin, Khairulmizam, Udzir, Nur Izura, Hashim, Shaiful Jahari
Format: Article
Language:English
Published: IKRAM Education 2014
Online Access:http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf
http://psasir.upm.edu.my/id/eprint/51814/
http://iukl.edu.my/iukl-research-journal/archives/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.upm.eprints.51814
record_format eprints
spelling my.upm.eprints.518142017-05-02T04:39:21Z http://psasir.upm.edu.my/id/eprint/51814/ Buffer overflow attack mitigation via Trusted Platform Module (TPM) Teh, Jia Yew Samsudin, Khairulmizam Udzir, Nur Izura Hashim, Shaiful Jahari As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions, especially in key exchange protocols deemed to be an integral part of cryptographic solutions. In this paper we propose the use of TPM's Platform Configuration Register (PCR) in the detection and prevention of stack based buffer overflow attacks. Detection is achieved via the integrity validation (of SHA1 hashses) of both return address and call instruction opcodes. Prevention is achieved via encrypting the memory location addresses of both the return and call instruction above using RSA encryption. An exception is raised should integrity violations occur. Based on effectiveness tests conducted, our proposed solution has successfully detected 6 major variants of buffer overflow attacks attempted in conventional application codes, while incurring overheads that pose no major obstacles in the normal, continued operation of conventional application codes. IKRAM Education 2014 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf Teh, Jia Yew and Samsudin, Khairulmizam and Udzir, Nur Izura and Hashim, Shaiful Jahari (2014) Buffer overflow attack mitigation via Trusted Platform Module (TPM). Infrastructure University Kuala Lumpur Research Journal, 2 (1). pp. 73-84. ISSN 2289-4144 http://iukl.edu.my/iukl-research-journal/archives/
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
description As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions, especially in key exchange protocols deemed to be an integral part of cryptographic solutions. In this paper we propose the use of TPM's Platform Configuration Register (PCR) in the detection and prevention of stack based buffer overflow attacks. Detection is achieved via the integrity validation (of SHA1 hashses) of both return address and call instruction opcodes. Prevention is achieved via encrypting the memory location addresses of both the return and call instruction above using RSA encryption. An exception is raised should integrity violations occur. Based on effectiveness tests conducted, our proposed solution has successfully detected 6 major variants of buffer overflow attacks attempted in conventional application codes, while incurring overheads that pose no major obstacles in the normal, continued operation of conventional application codes.
format Article
author Teh, Jia Yew
Samsudin, Khairulmizam
Udzir, Nur Izura
Hashim, Shaiful Jahari
spellingShingle Teh, Jia Yew
Samsudin, Khairulmizam
Udzir, Nur Izura
Hashim, Shaiful Jahari
Buffer overflow attack mitigation via Trusted Platform Module (TPM)
author_facet Teh, Jia Yew
Samsudin, Khairulmizam
Udzir, Nur Izura
Hashim, Shaiful Jahari
author_sort Teh, Jia Yew
title Buffer overflow attack mitigation via Trusted Platform Module (TPM)
title_short Buffer overflow attack mitigation via Trusted Platform Module (TPM)
title_full Buffer overflow attack mitigation via Trusted Platform Module (TPM)
title_fullStr Buffer overflow attack mitigation via Trusted Platform Module (TPM)
title_full_unstemmed Buffer overflow attack mitigation via Trusted Platform Module (TPM)
title_sort buffer overflow attack mitigation via trusted platform module (tpm)
publisher IKRAM Education
publishDate 2014
url http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf
http://psasir.upm.edu.my/id/eprint/51814/
http://iukl.edu.my/iukl-research-journal/archives/
_version_ 1643835063511547904
score 13.19449

Similar Items